Security system and method of in-flight entertainment device rentals having self-contained, audiovisual presentations

ABSTRACT

A security method for in-flight entertainment device (IFED) rentals having self-contained, audiovisual presentations is disclosed. A self-contained IFED has internal storage configured to contain current releases of movies and other audiovisual presentations. The method provides layers of security including unique bit stream encoding format, watermarking, camera artifacts, file encryption, hard drive encryption, input-output encryption and physically unique connectors, and tamper resistant casing the self-contained IFEDs.

CROSS-REFERENCE TO RELATED APPLICATIONS

This application is a continuation of, and claims priority to and thebenefit of, U.S. patent application Ser. No. 10/657,822, filed on Sep.8, 2003 and titled “SECURITY SYSTEM AND METHOD OF IN-FLIGHTENTERTAINMENT DEVICE RENTALS HAVING SELF-CONTAINED, AUDIOVISUALPRESENTATIONS,” now U.S. Pat. No. 8,406,453 issued on Mar. 26, 2013,which application is expressly incorporated herein in its entirety bythis reference.

BACKGROUND

1. Field of the Invention

The present invention is directed generally to security measures forelectronic devices and, more particularly, to security measures forentertainment devices having self-contained, audiovisual presentationsfor rent to passengers of conveyances such as commercial airlineflights.

2. Description of the Related Art

Rental of entertainment devices having self-contained, audiovisualpresentations to be used by passengers during a commercial airlineflight can provide individually tailored, current entertainment andother services to the passengers during the commercial flight.Unfortunately, conventional security measures for electronic devicesgenerally afford an insufficient degree of protection from theft of thevaluable audiovisual properties that would be stored on theself-contained, in-flight entertainment device. Without a level ofsecurity greater than conventional approaches, adoption ofself-contained, in-flight entertainment devices having current moviesand other audiovisual presentations could suffer due to risks involvedwith allowing members of the general public to rent such devices.Consequently, prior support for their implementation has not beenavailable.

BRIEF SUMMARY

The present invention resides in a security system and method ofin-flight entertainment device rentals having self-contained,audiovisual presentations. Aspects include receiving an audiovisualmaster file from a movie recording studio or other organizationcontaining an audiovisual presentation such as a to-be-released orrecently released movie, the audiovisual master file being in a firstencoded and compressed format. Aspects further include adding watermarkcharacters to the encoded audiovisual master file, adding cameraartifacts to the encoded audiovisual master file, encrypting the encodedaudiovisual master file to create an encrypted encoded audiovisualmaster file, generating keys associated with the encrypted encodedaudiovisual master file for using in decoding the encrypted encodedaudiovisual master file, and transmitting the encrypted encodedaudiovisual master file and the associated keys to a distribution pointhost computer. Aspects further include loading the transmitted encryptedencoded audiovisual master file on the distribution point host computer,linking the distribution point host computer with a self-containedentertainment device and establishing bi-directional authenticationbetween the distribution point host computer and the self-containedentertainment device through use, in part, of an input-output of theself-contained entertainment device, and after bi-directionalauthentication occurs, using the distribution point host computer todelete at least some of the previously loaded encrypted encodedaudiovisual master files from the self-contained entertainment device.Aspects further include using the distribution point host computer totransfer the newly loaded encrypted encoded audiovisual master file andkeys associated with the newly loaded encrypted encoded audiovisualmaster file to the self-contained entertainment device to which thedistribution point host computer is linked without decryption of thenewly loaded encrypted encoded audiovisual master file being transferredto the self-contained entertainment device, and storing the newly loadedencrypted encoded audiovisual master file and the keys associated withthe newly loaded encrypted encoded audiovisual master file on anencrypted hard drive of the self-contained entertainment device to whichthe distribution point host computer is linked.

Other features and advantages of the invention will become apparent fromthe following detailed description, taken in conjunction with theaccompanying drawings.

BRIEF DESCRIPTION OF THE SEVERAL VIEWS OF THE DRAWING(S)

FIG. 1 is a side-view of a passenger viewing an audiovisual presentationbeing presented by a representative self-contained, in-flightentertainment device (IFED) rental while traveling during a commercialflight.

FIG. 2 is a perspective view of the self-contained IFED of FIG. 1.

FIG. 3 is a schematic view of various elements of the self-containedIFED of FIG. 2 including elements related to security of the one or moreaudiovisual files stored on the self-contained IFED.

FIG. 4 is a schematic view of various levels of security associated withimplementations of the IFED of FIG. 2.

FIG. 5 is a flow-chart of a method associated with security elements ofthe IFED of FIG. 2.

DETAILED DESCRIPTION OF THE INVENTION

A security method and system of in-flight entertainment device (IFED)rentals having self-contained, audiovisual presentations is disclosedherein. A self-contained IFED has internal storage configured to containcurrent releases of movies and other audiovisual presentations.According to implementations of the present system and method, theself-contained IFED can be rented by passengers of commercial airlineflights for viewing of such movies and other audiovisual presentationsduring the flight. Use of the self-contained IFED provides a selectionof audiovisual presentations from which the passengers renting theself-contained IFED can choose. This individualizes the selectionopportunity provided to each passenger by the self-contained IFED andincreases the potential for enjoyment by the passengers compared withconventional systems that display one audiovisual presentation to alarge group of passengers with the passengers having no input on theparticular audiovisual property being presented.

As shown in FIG. 1, a passenger 10 while seated in aircraft seat 12 canview a movie being presented by a self-contained IFED 14 resting on aseat back table 16 that is connected to a forwardly adjacent aircraftseat 18. As is conventional practice, earphones 20 are plugged into asound output 21 on the self-contained IFED to allow the passenger 10 tolisten to the audio portion of the presentation without disturbingfellow passengers. The self-contained IFED 14, further depicted in FIG.2, includes a display 22 for viewing presentations and controls 24 forselection of presentations and adjustment of the self-contained IFED.

The self-contained IFED 14 contains a processor 25, as shown in FIG. 3,for interaction and control of various other components of theself-contained IFED. An encrypted hard drive 26 is included for storingone or more files containing current movies or other audiovisualpresentations. The encrypted hard drive 26 is accessible through a harddrive decryptor 28 so that both encrypted files 30 containing currentmovies and other proprietary property and unencrypted files (not shown)are protected by the encryption mechanisms associated directly with theencrypted hard drive. The encrypted files 30 are further protected bytheir own encryption mechanisms and are only accessible through a filedecryptor 32 containing one or more decryption keys for reading of theencrypted files.

An input-output 34 of unique physical configuration is used to deleteout-dated audiovisual presentations from the encrypted hard drive 26 andto transfer current movie releases and other audiovisual presentationsto the encrypted hard drive. The input-output 34 is formed such that aspecially formed connector of a unique shape complementary to theinput-output is used to connect a workstation to the self-contained IFED14 for the file deletion and loading activities. An input-outputauthenticator 36 is used to verify that the workstation connected to theself-contained IFED 14 through the input-output 34 has authorized accessprivileges. Although the input-output 34 has a unique physicalconfiguration, it can still use standard protocols such as USB 2.0 orIEEE 1394, which can be utilized for the authorization process. Evenwhen access privileges are granted, in some implementations, no readaccess to obtain files from the encrypted hard drive is allowed.

Anti-tamper fasteners 38 are used to physically secure the case of theself-contained IFED 14 together, thereby requiring a unique tool forphysically accessing internal components of the self-contained IFED. Anevidentiary seal 40 is used to seal an internal portion of theself-contained IFED 14 in such a way that if physical access is achievedto the internal components of the self-contained IFED, then theevidentiary seal is broken and easily visible upon inspection.

The various layers of security 42 associated with the self-containedIFED 14 are summarized in FIG. 4 as including one or more encoded filesof one or more original master recordings received from a movierecording studio or other organization. Typically each original masterrecording will be processed to generate a separate encoded file in acompressed format such as MPEG-4 Advanced Simple Profile with DVDplayback quality approximately 1 Mbps. Other implementations have othermodes of compression and display quality. The encoded files are encodedwith a unique bit stream encoding format (layer 44) such that theprocessor 25 of the IFED 14 is specially configured to render theencoded file for display. Consequently, in the event other securitylayers discussed herein are breached, the special configuration of theprocessor 25 will still be needed for viewing, which will help toprevent piracy. During encoding, a digital process is used to addadditional characters to the encoded file as a watermark (layer 46) toidentify details such as time and place of the encoding to assist inforensic tracking if needed through watermark detection software.

Some implementations further include the addition of camera artifacts tothe encoded files (layer 48) during the encoding process. Cameraartifacts are used to hinder illegal video recording taken of moviesbeing displayed on the self-contained IFED 14. The camera artifacts aredisplayed on the display 22 of the self-contained IFED 14 when theencoded file is played on the self-contained IFED, but are not visibleto the passenger 10. Instead, if video recordings are taken of thedisplay 22 during play of the encoded file, the camera artifacts arevisible when these video recordings are viewed. Thus, attempts atrecording video content from the self-contained IFED 14 for laterviewing on equipment other than the self-contained IFED can be hindered.

After the encoding process is completed, the encoded files areencrypted, thereby producing encrypted encoded audiovisual files (layer50). During encryption, a unique key for decryption is generated foreach individual file, which is required for subsequent playing of thefile and is handled by the file decryptor 32 of the self-contained IFED14. The encrypted encoded audiovisual files are stored on the encryptedhard drive 26 (layer 52) such that the hard drive decryptor 28, havingdecryption methods separate from those used to decrypt the individualencrypted files, is necessary for accessing the encrypted files.

In some implementations only the input-output 34 is available forexternal access to the encrypted hard drive 26. As explained above theinput-output 34 has a unique physical configuration. Also, theinput-output 34 uses protocols that require authorization through theinput-output authenticator 36 to occur within a limited window of timeotherwise physical reconnection to the input-output is necessary forfurther access attempts (layer 54). In some implementations, theoperation of the encrypted hard drive 26 together with the input-output34 only allows for writes and delete functions without allowing readfunctions, which can also add to the security provided under layer 54.As discussed, the self-contained IFED 14 also has anti-tamper fasteners38 and an evidentiary seal 40 (layer 56) for an additional layer ofsecurity.

A flow-chart of a method 60 associated with security elements of theself-contained IFED 14 is shown in FIG. 5. The method 60 begins withreceiving an audiovisual master from a movie recording studio or otherorganization containing an audiovisual presentation such as ato-be-released or recently released movie (step 62). The audiovisualmaster is encoded with the special format discussed above and watermarkcharacters are added to the encoded audiovisual file (step 64). In someimplementations, camera artifacts are also added during the encodingprocess (step 66). The encoded audiovisual file is next encrypted (step68) and then sent (as well as associated keys) to a distribution pointhost computer (step 70). The encrypted encoded audiovisual files areloaded on to the distribution host computer. The distribution hostcomputer then links with one of the pluralities of the self-containedIFED 14 in which bi-directional authentication occurs between thedistribution host computer and the self-contained IFED through use inpart of the input-output 34 of the self-contained IFED (step 72).

Once the bidirectional authentication occurs, the distribution hostcomputer can be used to delete out-of-date audiovisual files from theself-contained IFED 14 (step 74). The distribution host computer canthen transfer the encrypted encoded files along with the associated keysto the self-contained IFED 14 without need of decryption of the filesoccurring (step 76). Consequently, the encrypted audiovisual files arestored on the encrypted hard drive 26 of the self-contained IFED 14(step 78). Also, the keys associated with the encrypted audiovisualfiles are stored on the self-contained IFED 14 to be used for subsequentdecryption of the encrypted audiovisual files for display of theassociated audiovisual presentations (e.g. current release movies), suchas during an airline flight (step 80) to an airline passenger who rentedthe self-contained IFED.

From the foregoing it will be appreciated that, although specificembodiments of the invention have been described herein for purposes ofillustration, various modifications may be made without deviating fromthe spirit and scope of the invention. Accordingly, the invention is notlimited except as by the appended claims.

What is claimed is:
 1. A method for providing security forto-be-released or current releases of audiovisual presentations storableon a portable device, comprising: receiving a master file from a sourcefor transfer to a temporarily distributable, portable entertainmentdevice, the master file including an audiovisual presentation that hasbeen encoded and that includes a to-be-released or current release of amovie, the source comprising a movie studio or a movie distributor; andadding a watermark to the audiovisual presentation, the watermarkidentifying a time at which the audiovisual presentation was encoded ora place at which the audiovisual presented was encoded.
 2. The methodrecited in claim 1, further comprising: transmitting the audiovisualpresentation, with the watermark, to a distribution device.
 3. Themethod recited in claim 2, further comprising: connecting thedistribution device to the portable entertainment device.
 4. The methodrecited in claim 3, wherein connecting comprises connecting thedistribution device to a plurality of portable electronic devices. 5.The method recited in claim 3, further comprising: transferring theaudiovisual presentation, with the watermark, from the distributiondevice to the portable entertainment device.
 6. The method recited inclaim 4, wherein the transferred audiovisual presentation is encryptedprior to transferring the audiovisual presentation to the portableentertainment device, and wherein the method further includes: storingone or more keys for decrypting the transferred audiovisual presentationon a hard drive of the portable entertainment device.
 7. The methodrecited in claim 3, further comprising: deleting at least some contentfrom the portable entertainment device with the distribution device. 8.The method recited in claim 3, wherein connecting the distributiondevice to the portable entertainment device includes granting thedistribution device one or both of write and delete access, but withoutalso granting read access.
 9. The method recited in claim 3, whereinconnecting the distribution device to the portable entertainment deviceincludes using a physical connector having a shape unique relative to acommunication protocol used by the physical connector to allowcommunication between the distribution device and the portableentertainment device.
 10. The method recited in claim 3, whereinconnecting the distribution device to the portable entertainment deviceincludes using a physical connector having a shape unique to thedistribution device.
 11. The method recited in claim 3, furthercomprising: authenticating the distribution device using to the portableentertainment device.
 12. The method recited in claim 10, whereinauthentication occurs within a limited time window.
 13. A portable,self-contained entertainment device, comprising: one or more processors;a hard drive containing a plurality of audiovisual presentationscorresponding to to-be-released or current releases of movies, eachaudiovisual presentation of the plurality of audiovisual presentationsbeing derived from one or more master files provided by a movie studioor a movie distributor for inclusion on portable, self-containedentertainment devices; a display for displaying the to-be-released orcurrent releases of movies when accessed using the one or moreprocessors; an input-output; and an input-output authenticator forauthenticating a distribution device attempting to communicatively linkto the one or more processors via the input-output, the input-outputauthenticator limiting access of the distribution device to the harddrive before authentication.
 14. The portable, self-containedentertainment device recited in claim 13, wherein the input-outputauthenticator requires authentication within a limited time window. 15.The portable, self-contained entertainment device recited in claim 14,wherein the input-output authenticator requires a physical disconnectionand reconnection to restart authentication if authentication is notcompleted within the limited time window.
 16. The portable,self-contained entertainment device recited in claim 13, an audiovisualpresentation of the plurality of audiovisual presentations is encodedand includes a watermark identifying a time at which the audiovisualpresentation was encoded or a place at which the audiovisualpresentation was encoded.
 17. The portable, self-contained entertainmentdevice recited in claim 16, wherein each audiovisual presentation of theplurality of audiovisual presentations is encoded and includes awatermark identifying a time at which the audiovisual presentation wasencoded or a place at which the audiovisual presentation was encoded.18. The portable, self-contained entertainment device recited in claim13, wherein the input-output includes a physical connection configuredas an exclusive input for content to the portable, self-containedentertainment device.
 19. A method for updating content on a computingdevice, comprising: connecting a computing device to a distributiondevice; authorizing the distribution device; initializing a timer forlimiting a length of time for authorizing the distribution device to alimited window of time; when authorization occurs within the limitedwindow of time, updating content on the computing device with thedistribution device; and when authorization does not occur within thelimited window of time, requiring physical disconnection andreconnection between the computing device and distribution device andrepeating the act of initializing.
 20. The method recited in claim 19,wherein updating content on the computing device includes granting writeand delete access to the distribution device, but not granting readaccess.
 21. The method recited in claim 19, wherein connecting thecomputing device comprises connecting a portable, self-containedentertainment device to the distribution device.
 22. The method recitedin claim 21, wherein updating content on the computing device includesuploading one or more to-be-released or current releases of moviescorresponding to audiovisual master files provided by a movie studio ora movie distributor for use with at least one temporarily distributable,portable, self-contained entertainment device.